In cryptography, we secure a message by encrypting the message with a certain key and then sending it over the network. The security of the encryption usually depends on the key length. In this article, I’ll show why key length is a very important topic in cryptography.
Key length (a.k.a. key size) is the number of bits of a key used to encrypt a message. The length on its own is not a measure of how secure the ciphertext is. However, for secure ciphers, the longer the key the stronger the encryption.
Keep reading to find out how the key size can impact the security of the algorithm you are using to encrypt messages.
In cryptography, we can use two types of algorithms named symmetric or asymmetric Let’s divide our key size analysis according to their use on these two types of algorithms.
Table of Contents
- Why does the key size matter in cryptography?
- Level of security in cryptographic algorithms
- Keys in symmetric cryptography
- Keys in asymmetric cryptography
- Recommended algorithms and key lengths
- Comparison of the security level of symmetric and asymmetric algorithms
- Example of key generation in python
- Summary
Why does the key size matter in cryptography?
The security of a cipher does not depend on the attacker not knowing the algorithm that was used for encryption. The security depends on how hard it is, mathematically, to break the code.
There are two main types of attacks to a cipher: brute force and cryptanalysis.
Let’s analyse the impact of the key size on a brute force attack.
Key size impact in a brute force attack
In a brute force attack, the attacker will generate all possible keys and try each of them until one is successful. Therefore, the more possible keys, the better.
For instance, the Caesar cipher, is a substitution/shift cipher that substitutes each letter in the plain message for the letter that is n positions after. n is known as the shift or the key. For instance, if the key is 3, ‘a’ is substituted by ‘d’ because ‘d’ is three positions after ‘a’ in the alphabet.
Because the alphabet has 26 letters, there are only 26 possible keys to use with this cipher. So, it is very easy to try all the keys and break the code if you know how to read the text that was encrypted.
Other ciphers use a key of a specific length, for instance, 128 bits. A bit is a basic unit used in computers and can have only two values, 1 or 0.
So, how many keys we can have if we use 128 bits, and each bit can have two values? This is a classic counting problem.
We can choose the first bit in 2 ways, the second also in two ways, and so on until the last one. Here, we apply the multiplication rule to calculate the total number of ways.
2 x 2 x 2 x … x 2 = 2^128 = 340282366920938463463374607431768211456L
This is quite a long number.
Because it is computationally infeasible to calculate the previous number of keys in our current computers, a brute force attack that must try all the possible keys is not practical.
Level of security in cryptographic algorithms
The level of security of a cipher is considered a measure of the strength of a certain algorithm and is measured in bits.
An algorithm that is 64-bits secure means that an attacker will have to perform 2^64 operations to break the encryption.
Algorithms are considered secure if they are at least 112-bit secure.
Keys in symmetric cryptography
The current standard for symmetric cryptography is the Advanced Encryption Standard (AES) algorithm.
AES is a block cipher.
The key sizes approved as secure for AES are 128, 192, and 512 bits.
Keys in asymmetric cryptography
Asymmetric cryptography key strength is based on the complexity of integer factorization. This problem is hard to solve (it needs a lot of time) but it takes less time than a brute force attack. For this reason, asymmetric cryptographic algorithms need a longer key size to have a similar level of security than symmetric cryptographic algorithms.
The key sizes approved for the use of AES are 128, 192, and 256.
In the case of RSA, the key size recommended by NIST is a minimum of 2048 bits.
The family of elliptic curve cryptography (ECC) algorithms has been proved to achieve a similar level of security with smaller key sizes.
However, RSA and ECC are presumable to be broken if quantum computers become a practical reality.
How long is a public key?
The length of a public key depends on the algorithm that is being used. Find below a table with possible key lengths for public keys.
| Algorithm | Key size |
| RSA | 1024, 2048, 4096 |
| Elliptic Curve | 256, 384, 512 |
| Diffie-Hellman | 2048 |
| Elgamal | 1024 |
There are recommendations of what key size to use depending on the level of security that you need.
For instance, NIST recommends the use of 2048 bit key size when using RSA since 2015. Before that, 1024 was the recommended key size.
Why does this happen?
Every day, with the evolution of technology, the computer gets more processing power making difficult from the past easier in the present. Also, new mathematics methods and tools are discovered. Both of them, influence how long a cryptographic protocol recommendation can be valid.
Usually, theories are discovered and published on how to break certain ciphers. Even though they might not be practical at the moment because of the lack of computational power needed, they shed light on possible vulnerabilities. Then, improvements are made to the algorithms, so they don’t become insecure.
One of the improvements is to recommend using longer keys, as it happened with RSA.
Recommended algorithms and key lengths
Find below a table with the recommended key size for different algorithms.
| Algorithm | Recommended key size |
| AES | 128 |
| RSA | 2048, 3072, 7680 |
| Elliptic Curve | 256, 384 |
| DSA | 2048, 3072, 6770 |
| Diffie-Hellman | 2048, 3072, 6770 |
In certain cases, it is recommended to use AES with a key size equal to or greater than 192. Therefore, it is important to see the regulations related to certain information security policies.
All the algorithms in the table above are secure. So, the higher the key size the strongest the security.
Comparison of the security level of symmetric and asymmetric algorithms
Find below a comparison of the security level and key size of symmetric and asymmetric algorithms.
In the case of DSA and Diffie-Hellman algorithms, L means the size of the public key and N is the size of the private key.
| Security strength | Symmetric Key Algorithms | DSA, Diffie-Hellman | RSA | Elliptic Curve |
| 80 | 2TDEA | L=1024 N=160 | 1024 | 160-223 |
| 112 | 3TDEA | L=2048 N=224 | 2048 | 224-255 |
| 128 | AES-128 | L=3072 N=256 | 3072 | 256-383 |
| 192 | AES-192 | L=7680 N=384 | 7680 | 384-511 |
| 256 | AES-256 | L=15360 N=512 | 15360 | 512+ |
From the table above, we can see that asymmetric algorithms need longer keys to guarantee the same level of security than symmetric algorithms.
Example of key generation in python
See below an example of random key generation of 128 bits. The parameter is 16 because is on bytes (1 byte = 8 bits). If you want to generate keys of different sizes, you can change 16 for the number of bytes needed.
import os
random_key = os.urandom(16)
number = int.from_bytes(random_key, byteorder="big")
To generate a public and private key pair for RSA, you can use the python library Cryptography. This is an example you can use to play around with the keys and the algorithm.
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.primitives import serialization
private_key = rsa.generate_private_key(
public_exponent=65537,
key_size=2048,
)
private_bytes = private_key.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.PKCS8,
encryption_algorithm=serialization.BestAvailableEncryption(b'mypassword')
)
print (private_bytes)
public_key = private_key.public_key()
public_bytes = private_key.public_key().public_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PublicFormat.SubjectPublicKeyInfo
)
print (public_bytes)Remember that is always important to read the documentation for a specific software libraries before using them.
Summary
As a summary, we can mention the following key points:
- Key size by itself does not guarantee security level.
- There are different key size recommendations, depending on what algorithm you are using and for what purpose.
Related topics:
General concepts to study Cryptography